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1 REMARKS 

2 These remarks follow the order of the paragraphs of the office action. Relevant portions of the 

3 office action are shown indented and italicized. 

4 DETAILED A CTION 

5 1. Claims 1-23 remain pending in this examination, claims 15-17, and 21 remain 

6 withdrawn as being drawn to a nonelected invention. 

7 Claim Rejections - 35 USC §103 

8 2. The text of those sections of Title 35, U.S. Code not included in this action can be 

9 found in a prior Office action. 

1 0 Claims 1-6, 8-14, 18-20, 22 and 23 are rejected under 35 U. S. C. 1 03(a) as being 

1 1 unpatentable over Goyal et al. (USPN 6,976,258) (hereinafter Goyal) in view of Vaid et 

12 al. (USPN 6,137,777) (hereinafter '777). 

13 In response, the applicants respectfully state that they take continued exception with the 

14 equivalencies of the elements of the claims and the invention of Goyal with or without Vaid. 

15 Claims 1-6, 8-14, 18-20, 22 and 23 as amended are not anticipated by the invention of Goyal with 

16 or without Vaid. The abstract of the present invention, claimed in Claims 1-5, 8-14, 18-20, 22 and 

17 23 reads: 

18 The increasing number of Internet users and innovative new services such as e-commerce 

19 are placing new demands on Web servers. It is becoming essential for Web servers to 

20 provide performance isolation, have fast recovery times, and provide continuous service 

21 during overload at least to preferred customers. The invention describes a kernel-based 

22 architecture for content-aware service differentiation that protects Web servers against 

23 overload by controlling the amount and rate of work entering the system. We have 

24 invented a mechanism that provides admission control and service differentiation based on 

25 connection and application level information. The application header-based connection 
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control uses application-level information (such as URIs and cookies for HTTP) to define 
different service differentiation actions. The present invention provides the kernel 
mechanisms that are more efficient and scalable than application level controls 
implemented in current Web servers. 



5 The present invention claims a kernel-based architecture for content-aware service differentiation 

6 that protects Web servers against overload by controlling the amount and rate of work entering 

7 the system. The claimed mechanism provides admission control and service differentiation based 

8 on connection and application level information. 

9 Whereas, the cited art to Goyal , US Patent 6,976,258, filed: November 30, 1999, is entitled: 

10 "Providing quality of service guarantees to virtual hosts". The Goyal abstract reads : 

1 1 "A method facilitates providing appropriate quality of service guarantees to a plurality of 

12 virtual hosts on a single physical host computer. A server application program and its child 

13 processes service communication requests made to the plurality of virtual hosts. Quality of 

14 service parameters associated with the virtual hosts are stored. Communication requests 

15 made to a specific one of the virtual hosts are detected. The quality of service parameters 

16 associated with the specific virtual host are obtained. Operating system resources are 

17 utilized to guarantee, to a child process of the server application program, a quality of 

18 service according to the obtained quality of service parameters associated with the virtual 

19 host. Communication between the virtual host and the client is allowed to proceed, the 

20 communication being managed by the child process.". 

21 Goyal is concerned only with efficiently routing connections to one of multiple virtual hosts on a 

22 single physical system by intercepting system calls. Goyal is apparently not concerned with 

23 content-aware service differentiation that protects Web servers against overload by controlling the 

24 amount and rate of work entering the system that provides admission control and service 

25 differentiation based on connection and application level information. 
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1 The other cited art to Vaid , US Patent 6,341,309, filed: December 24, 1997, is entitled: "Firewall 

2 system for quality of service management". The Vaid abstract reads: 



3 "A novel system for a network of computers to improve quality of services using a 

4 combination of a bandwidth management tool in a firewall. The present system includes, 

5 among other elements, a plurality of computers, which are each coupled to each other to 

6 form an internal network of computers (e.g., local area network or LAN). The system also 

7 includes a server, which has a memory sufficient to store a firewall program. The server is 

8 coupled to at least one of the plurality of computers, where the server is also coupled to 

9 an outgoing line to a wide area network of computers, which can be, for example, the 

10 Intenet. A bandwidth management tool is coupled to or stored in the server, where the 

1 1 bandwidth management tool is capable of monitoring incoming and outgoing information 

12 to and from the server". 



13 Thus Vaid is concerned with a system for a network of computers to improve quality of services 

14 using a combination of a bandwidth management tool in a firewall. Besides, there is apparently no 

15 reason to combine Goyal and Vaid except to attempt to allegedly find a combination that employs 

16 the elements of the present claims using hindsight. This is not allowed especially when neither 

17 reference cites the other. But even when combined the references do not make the present claims 

18 obvious. 

19 Goyal with or without Vaid is not concerned with using application information or application 

20 header information for service differentiation as in the present claims, and are apparently not 

21 concerned with content-aware service differentiation that protects Web servers against overload 

22 by controlling the amount and rate of work entering the system providing admission control and 

23 service differentiation based on connection and application level information. The references 

24 apparently rely on network addresses which are well defined in the TCP communication protocol, 

25 not application headers as in the present claims. 

26 Applicants respectfully further state that the presently claimed invention includes a mechanism 

27 that provides admission control and service differentiation based on connection and application 
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1 level information. This mechanism can be used by 1) a system that is not virtualized (e.g. a 

2 physical system) 2) inside a single virtual host 3) across multiple virtual hosts which are 

3 virtualized by the underlying system 4) a physical system with more than one application. This is 

4 not the case with any of the cited references. Thus Claims 1-5, 8-14, 18-20, 22 and 23 are 

5 allowable over the cited art combination. 



6 3. Referring to claim 1, Goyal discloses a method comprising employing at least one 

7 system for differentiating at least one service class in a kernel (i.e. operating system) by 

8 providing service differentiation as a kernel service (i.e. the Office construes the term 

9 kernel service as a system which can call the kernel to provide a service on behalf of 

10 another entity) and using service differentiation (i.e. QoS) to perform service 

1 1 differentiation based on content in at least one data packet for connections accepted in 

12 said at least one system (i.e. connections are accepted pending QoS requirement 

13 fulfillment), including the steps of: capturing at least one data packet until a complete 

14 application header is detected ("all such requests are received by the server application 

1 5 program ") (i. e. an inherent feature of receiving a request is that the packet has an 

16 application header) (col 6, lines 45-50); parsing said complete application header to 

17 determine at least one application tag (i.e. attribute information such as source and 

18 destination address 201 which are contained in the application header) (col. 9, lines 

19 28-38); matching said at least one application tag to at least one matching rule (i.e. 

20 where the communication channel is to one of the network addresses) col. 9, Lines 30- 

21 38); and determining a presence of at least one match with said at least one matching 

22 rule (i.e. where the communication channel is to one of the network addresses) (col. 9, 

23 lines 30-38); and performing service differentiation (i.e. setting the quality of service 

24 guarantees, the object code calls the operating system QoS manager 127 to request an 

25 appropriate QoS guarantee to the child process 109) (col. 9, lines 38-55). 

26 Goyal does not explicitly state that the system utilizes application tags from an 

27 application protocol. In analogous art, 777 discloses another QoS system which 

28 differentiates services based on application Layer tags (i.e. traffic classes or traffic types, 

29 such as service type such as HTTP, FTP, etc., and URL of the source and destination and 

30 file types as well which all can be construed as application lags) (col. I /, line 67; col. 

3 1 12, lines 55-67). '777 further discloses the use of traffic policies being applied to traffic 

32 classes to create action rules to control the traffic behavior on specific classes (col. 13, 

33 lines 10-55; col. 15, lines 5-37; col. 16, lines 28-58), and adding and deleting rules 

34 based on a user 's request (col. 13, lines 47-55). It would have been obvious to one of 

35 ordinary skill in the art to combine the teaching of '777 with Goyal in order to improve 

36 the use of bandwidth management in a wide area network by applying various techniques 

37 for rate controlling bases on various attributes of a connection. 
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1 In response, the applicants respectfully states that they take continued exception with the office 

2 communication equivalencies, and/or teachings of the elements of the claim 1 and the invention of 

3 Goyal with or without Vaid. 

4 The office communication states: 

5 (i.e. an inherent feature of receiving a request is that the packet has an application 

6 header) (col. 6, lines 45-50); 

7 Applicants respond that this does not imply that Goyal operates on application information. Goyal 

8 is operating on network protocol information. 

9 The office communication states: 

10 (i.e. attribute information such as source and destination address 201 which are 

1 1 contained in the application header) (col 9, lines 28-38); 

12 Applicants respond that this points out a core of the office communication's misunderstanding. 

13 Source and destination address in Goyal 201 are referring to the source and destination network 

14 address in the network protocol header (e.g. TCP/IP), not the a pplication header . 

15 The office communication states: 

16 (i.e. where the communication channel is to one of the network addresses) (col. 9, lines 

17 30-38); 

18 Applicants respond that Goyal is operating on the network protocol information (e.g. Network 

19 addresses). Goyal is not operating on application header information. An example of a network 

20 address is a TCP/IP address which is part of the network protocol layer, it is not part of the 

21 application layer information. 

22 The office communication states: 

23 (i.e. where the communication channel is to one of the network addresses) col. 9, Lines 

24 30- 38); 



DOCKET NUMBER: YOR920010561US2 



12/29 



Serial No.: 10/053,012 



1 Applicants respond that again Goyal is using network protocol information not application tag 

2 information. 



3 The office communication states: 

4 and performing service differentiation (i.e. setting the quality of service guarantees, the 

5 object code calls the operating system QoS manager 127 to request an appropriate QoS 

6 guarantee to the child process 109) (col. 9, lines 38-55). 

7 Applicants respond that again, Goyal is operating on network protocol information. 

8 The office communication states: 

9 Goyal does not explicitly state that the system utilizes application tags from an 

10 application protocol. In analogous art, 777 discloses another QoS system which 

1 1 differentiates services based on application Layer tags (i.e. traffic classes or traffic types, 

12 such as service type such as HTTP, FTP, etc., and URL of the source and destination and 

13 file types as well which all can be construed as application tags) (col. 11, line 67; col. 

14 12, lines 55-67). '777 further discloses the use of traffic policies being applied to traffic 

15 classes to create action rules to control the traffic behavior on specific classes (col. 13, 

16 lines 10-55; col. 15, lines 5-37; col. 16, lines 28-58), and adding and deleting rules 

17 based on a user 's request (col. 13, lines 47-55). It would have been obvious to one of 

18 ordinary skill in the art to combine the teaching of '777 with Goyal in order to improve 

1 9 the use of bandwidth management in a wide area network by applying various techniques 

20 for rate controlling bases on various attributes of a connection. 

21 Applicants respond that the QoS referred to in Vaid, 777, is referring to bandwidth management, 



22 not to service differentiation for applications. Vaid, 777, is not providing different classes of 

23 service for incoming application requests, as claimed in claim 1 . If it was so obvious Goyal would 

24 have made claims on this 2 years later. This is apparently hindsight in an attempt to find a 

25 combination for elements of the claims, which are not even taught in the combination. 

26 A review of Goyal (col 9, lines 28-38) shows that Goyal is not parsing application headers, Goyal 

27 is doing standard TCP receive processing on the communication protocol header. 

28 Goyal col 6, lines 45-50 does not cover "capture" a complete application header. Simply 

29 receiving a request by the server application as stated in Goyal does not detect and capture the 

30 application header. An awareness of the application header format is required as we have 
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1 described using HTTP as the example. Goyal is simply receiving data NOT capturing/detecting a 

2 complete application header. 



3 Goyal (col 9, lines 30-38) is not matching said at least one application tag to a matching rule, 

4 Goyal is using standard TCP receive processing on a network communication protocol header to 

5 find a desire network address defined in a communication protocol. 

6 Goyal has not disclosed the operating system resources required to provide service differentiation 

7 (i.e. QoS). Goyal has not disclosed the content they differentiate service on, only an identification 

8 of the connection via an IP address. Goyal has not disclosed providing service differentiation 

9 based on application headers or tags. Source and destination addresses mentioned by Goyal are 

10 not included in the application header they are contained in the network transport layer. Thus 

1 1 claim 1 and all claims that depend on claim 1 are allowable over Goyal. 

12 Even with Vaid the elements of claim 1 are not alluded to. Vaid col. 2, lines 33-35 reads: 

13 Telecommunication techniques have been around for numerous years. In the early days, 

14 people such as the American Indians communicated to each other over long distances 

15 using "smoke signals." Smoke signals were generally used to transfer visual information 

16 from one geographical location to be observed at another geographical location. Since 

17 smoke signals could only be seen over a limited range of geographical distances, they were 

18 soon replaced by a communication technique known as telegraph. Telegraph generally 

19 transferred information from one geographical location to another geographical location 

20 using electrical signals in the form of "dots" and "dashes" over transmission lines. An 

21 example of commonly used electrical signals is Morse code. Telegraph has been, for the 

22 most part, replaced by telephone. The telephone was invented by Alexander Graham Bell 

23 in the 1800s to transmit and send voice information using electrical analog signals over a 

24 telephone line, or more commonly a single twisted pair copper line. Most industrialized 

25 countries today rely heavily upon telephone to facilitate communication between 

26 businesses and people, in general. 



27 



29 
30 
31 
32 
33 
34 



28 



Vaid col. 5, lines 20-60 reads: 
1 . Traffic Classes 



An embodiment of the present invention discriminates between traffic classes or traffic 
types. For example, between application/protocol (e.g., HTTP, SMTP, FTP, Telnet), 
data-type (e.g., MIME type, HTML, JPEG, RealAudio, .WAV, MOV), 
source/destination identifier (e.g., IP address, user name, domain, URQ), type (real-time, 
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1 interactive, throughput-intense), direction (inbound/outbound), and the like. Further traffic 

2 classes are based upon specifics user (e.g., President, Shipping Clerk), business group 

3 (e.g., Sales, Engineering, Accounting), priority (e.g., user-determined priority levels), 

4 direction (e.g., inbound, outbound, customer, guest). 
5 

6 FIG. 3 illustrates an example of a hierarchical model for determining bandwidth sharing. 

7 This model is merely an illustration and should not limit the scope of the claims herein. As 

8 illustrated in FIG. 3, a hierarchical model is represented as a tree, with the root 

9 representing the total available bandwidth, each branch node representing aggregated 

10 traffic (meta-traffic classes), and the leaves representing individual connections (traffic 

1 1 classes). This model gives the user flexibility in defining and implementing a service policy 

12 or multiple service policies. For example, the network traffic is first divided in different 

13 ways and then the specific policy refined from a top down approach or amalgamated from 

14 a bottom up approach. This model also provides the user with different methods for 

15 different traffic classes since it abstracts the policy definition from the enforcement or 

16 implementation. 
17 

18 The user typically has competing factors to consider when determining a network QoS 

19 policy, including bandwidth "guarantees", latency "guarantees", and exception control. It 

20 should be understood "guarantees" refer to best efforts of the system to provide service, 

21 and does not in any way imply an absolute guarantee of service. For example, obviously 

22 no service can be provided or guaranteed if the network connection is inoperative, if the 

23 Internet Service Provider (ISP) has hardware or software glitches, or there is a general 

24 Internet crash. 
25 

26 A first factor is bandwidth guarantee, or data throughput guarantee, and how excess 

27 bandwidth is shared. For traffic classes that have data intensive requirements this is an 

28 important criteria. Typically, the user initially determines what are the minimum bandwidth 

29 guarantees that are given for different traffic classes or for connections relying on data 

30 from the different traffic classes, before determining a policy. As result of the policy, the 

3 1 system monitors the actual bandwidth provided to different classes, and preferably if 

32 bandwidth is critically low, the system attempts to provide at least the minimum 

33 bandwidth to the different traffic classes. 
34 



35 A review shows that Vaid doesn't disclose a QoS system as in claim 1 . Vaid may disclose which. 

36 traffic classes or traffic types, such as application protocol such as HTTP, FTP, etc.) (col. 5, lines 

37 20-60). This is not differentiation of services based on application layer tags of claim 1 . One of 

38 ordinary skill in the art could not combine the teaching Vaid with Goyal in order to provide the 

39 method of claim 1 . Claim 1 is not limited to improve the use of bandwidth management in a wide 

40 area network by applying various techniques for rate controlling bases on various attributes of a 

41 connection as supported by Vaid (col. 2, lines 33-35; col. 5. lines 20-60). 
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1 Furthermore the combined art does not allude to "employing differentiating a service class in a 

2 kernel providing service differentiation as a kernel service based on application level information." 

3 The combined art does not allude to "using service differentiation to provide different levels of 

4 quality of service for system performance to users to perform service differentiation based on 

5 content in at least one data packet for connections accepted in said at least one system" The 

6 combined art does not allude to "providing content aware application header-based service 

7 differentiation in a Web server which communicates with clients over a network protecting the 

8 Web server against overload by controlling the amount and rate of work entering the system. " 

9 The combined art does not allude to "capturing said at least one data packet until a complete 

10 application header is detected ." The combined art does not allude to "parsing said complete 

1 1 application header to determine at least one application tag within the kernel which include 

12 classification and action rules ." The combined art does not allude to "matching said at least one 

13 application tag to at least one matching rule ." The combined art does not allude to "determining 

14 a presence of at least one application tag match with said at least one matching rule ." The 

15 combined art does not allude to "performing service differentiation action based on said at least 

16 one matching rule in order to provide a particular level of service from said different levels of 

17 service ." The combined art certainly does not allude to "deleting and adding rules based upon a 

18 user request. Thus claim 1 and all claims that depend on it are allowable over the cited combined 

19 art. 

20 4. Referring to claim 2, '777 discloses the application tag includes a tag in an 

21 application protocol (i.e. a URL is a tag in HTTP) (col. 12, lines 55-65). 

22 In response, the applicants respectfully states that they take continued exception with the office 

23 communication equivalencies, and/or teachings of the elements of the claim 2, and the invention 

24 of Goyal with or without Vaid. One may find patents that refer to, or allude to, an application 

25 tag, but one cannot find a single one that uses an application tag for service differentiation as 

26 stated in claim 1, upon which claim 2 depends. 
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1 A review of Vaid shows that Vaid fails to disclose a method that differentiates services based on 

2 application layer tags. Vaid's. traffic classes or traffic types, such as application protocol such as 

3 HTTP, FTP, etc. (col. 5, lines 20-60) are not an application layer tag as in claim 2. Goyal is 

4 referring to network addresses from the TCP transport layer (col 1, lines 35-45) which is not 

5 application layer information. Thus claim 2 is allowable over the cited art for itself and because it 

6 depends on an allowable claim. 

7 5. Referring to claim 3, it is an inherent feature in HTTP that the URI (i.e. 

8 destination address) is the second string in the HTTP header, (the first string is the 

9 action word, such as GET POST HEAD SYN, etc.). . 

10 In response, the applicants respectfully states that they take continued exception with the office 

1 1 communication equivalencies, and/or teachings of the elements of the claim 3 and the invention of 

12 Goyal with or without Vaid. 

13 The office communication states: 

14 it is an inherent feature in HTTP that the URI (i.e. destination address) is the second string 

1 5 in the HTTP header, (the first string is the action word, such as GET POST HEAD SYN, 

16 etc.) 

17 Applicants respond that in claim 3, applicants are using claim differentiation to be really precise in 

18 what the invention is referring to so, so that for example, a network address could not be 

19 construed as an application tag. Applicants respectfully take exception with the equivalencies of 

20 claim 3 and the application of inherentcy to Goyal and Vaid. Goyal is referring to intercepting 

21 system calls that operate on the transport layer network address which is part of the 

22 communication protocol not application headers like HTTP. Thus claim 3 is allowable over the 

23 cited art for itself and because it depends on an allowable claim. 

24 6. Referring to claim 4, Goyal discloses employing a table having at least one matching 

25 rule (i.e. QoS parameter table 119) (Figure 1; col. 7, lines 60-65). 

26 In response, the applicants respectfully states that they take continued exception with the office 

27 communication equivalencies, and/or teachings of the elements of the claim 4 and the invention of 

28 Goyal with or without Vaid. 
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1 The office communication states: 

2 Goyal discloses employing a table having at least one matching rule (i.e. QoS parameter 

3 table 119) (Figure 1; col. 7, lines 60-65) 

4 Applicants respond that Goyal does not have a table with application level contained it. A table is 

5 indeed a very common construct in the field of computing. The contents and purpose of use are 

6 what differentiate one table from another. The art fails to teach the table of claim 4. 



7 Goyal col. 7, lines 60-65 reads: 



8 In the embodiment of the present invention depicted in FIG. 2, a virtual host quality of 

9 service application program 117 executes in the computer memory 103. The quality of 

10 service program 117 inserts a quality of service parameter table 119 into the operating 

1 1 system 105 of the host computer 101. The quality of service table 119 contains quality of 

12 service parameters for each network address 201 associated with one of the virtual hosts 

13 115 serviced by the virtual host server 107. The quality of service program 117 utilizes 

14 techniques known in the art to insert the table 1 1 9 into the operating system 105. In a 

15 preferred embodiment, the present invention dynamically links a module to an operating 

16 system kernel, while the kernel is active. The module is preferably in the form of object 

17 code comprising an empty quality of service table 119, and subroutines to add, modify, 

18 and delete quality of service parameters for different virtual hosts. The quality of service 

19 application program 117 then calls the appropriate subroutine to add the quality of service 

20 parameters for the virtual hosts 115 serviced by the server program 107. The quality of 

21 service program 117 utilizes the subroutines to add, modify, and delete quality of service 

22 parameters as desired. In alternative embodiments, the module contains additional 

23 subroutines, or only a subset of the subroutines listed above. In one alternative 

24 embodiment, the table 1 19 is first filled with quality of service parameters and then linked 

25 to kernel as a module. In an alternative embodiment, the quality of service table 1 19 is 

26 stored outside of the operating system 105 in computer memory 103. 



27 A review of this section shows that indeed Goyal does not allude to "employing a table having 

28 said at least one matching rule based on application layer information," as in claim 4. A review of 

29 the other cited portion of Goyal (col. 7, line 63) employs a table which can be matched on 

30 network address from the TCP transport layer but that is not matched based on application layer 

3 1 information. Claim 4 is based on application layer information. Thus claim 4 is allowable over the 

32 cited art for itself and because it depends on an allowable claim. 

33 7. Referring to claim 5, Goyal discloses finding a best match (i.e. finding the network 

34 address requested) (col. 9, lines 30-45). 
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1 In response, the applicants respectfully states that they take continued exception with the office 

2 communication equivalencies, and/or teachings of the elements of the claim 5, and the invention 

3 of Goyal with or without Vaid. 

4 The office communication states: 

5 Goyal discloses finding a best match (i.e. finding the network address requested) (col. 9, 

6 lines 30-45) 

7 Applicants respond that claim 5 matching is a common technique in the computer field but the 

8 contents and purpose of the match are what differentiate a match. Claim 5 is matching application 

9 tag information in order to provide different levels of service to users of applications. 



10 Goyal only finds a best match on network address but not any other type of content like 

1 1 application layer information. Claim 5 is content for application layer information. Thus claim 5 is 

12 allowable over the cited art for itself and because it depends on an allowable claim. 

13 8. Referring to claim 6, Goyal discloses service differential ion includes rate controlling 

14 (i.e. guaranteeing a quality of service) (col. 9, lines 38-55). 



15 In response, the applicants respectfully states that they take continued exception with the office 

16 communication equivalencies, and/or teachings of the elements of the claim 6 and the invention of 

17 Goyal with or without Vaid. 

18 The office communication states: 

19 Goyal discloses service differentiation includes rate controlling (i.e. guaranteeing a quality 

20 of service) (col. 9, lines 38-55) 

21 Applicants respond that Goyal does not make references on the specific actions on rate 

22 controlling scheduling connections, monitoring, request prioritization, and a policing action based 

23 on application layer information. In fact application layer awareness maybe required to perform an 

24 intelligent action for a given application. In other words, without application awareness some 

25 actions might be meaningless. For example, if one wants to provide better service for buy versus 

26 browse customers using a web server, application layer information is required. 
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1 Goyal, apparently does not disclose the any of the claimed mechanisms for service differentiation 

2 and further does not disclose any of the mechanisms disclosed in claim 6. Claim 6 reads: 

3 6. A method as in claim 1, wherein said step of performing service differentiation action 

4 includes at least one action taken from a group of actions including: scheduling 

5 connections, monitoring, request prioritization, and a policing action. 

6 Thus claim 6 is allowable over the cited art for itself and because it depends on allowable claim 1 . 

7 9. Referring to claim 8, Goyal discloses said action includes protocol control (i.e. 

8 QoS rate guaranteeing) (col. 9, lines 30-35). 

9 In response, the applicants respectfully states that they take continued exception with the office 

10 communication equivalencies, and/or teachings of the elements of the claim 1 and the invention of 

1 1 Goyal with or without Vaid. 

12 The office communication states: 

13 Goyal discloses said action includes protocol control (i.e. QoS rate guaranteeing) (col. 9, 

14 lines 30-35) 



15 Goyal is not performing the following actions based on application layer information, sending a 

16 reset message, sending an application return code, determining compliance with a given rate 

17 and/or burst, prioritization, weighted round robin, round robin, ordering, recording statistics, 

18 performing a cleanup, and protocol control. Goyal does not perform an application protocol 

19 (e.g. HTTP) action. 

20 Exception with the equivalencies or teaching of claim 8 and the alleged action including protocol 

21 control (i.e. QoS rate guaranteeing) (col. 9, lines 30-35) to Goyal. The protocol of claim 8 is not 

22 found in the referenced portion of Goyal (col 9. lines 30-35). Goyal does not disclose any of the 

23 mechanisms for service differentiation and further does not disclose any of the mechanisms 

24 disclosed in claim 8. Thus claim 8 is allowable over the cited art for itself and because it 

25 ultimately depends on allowable claim 1 . 
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1 10. Referring to claim 9, Goyal discloses installing at least one matching rule (i.e. the 

2 Virtual Host QoS program 117 inserts the QoS Table 119 into the OS to be used by the 

3 QoS manager 127) (col. 7, lines 60-65). 

4 In response, the applicants respectfully states that they take continued exception with the office 

5 communication equivalencies, and/or teachings of the elements of the claim 1 and the invention of 

6 Goyal with or without Vaid. 

7 The office communication states: 

8 Goyal discloses installing at least one matching rule (i.e. the Virtual Host QoS program 

9 117 inserts the QoS Table 119 into the OS to be used by the QoS manager 12 7) (col. 7, 

10 lines 60-65) 

1 1 In response, claim 9 is a method as in claim 1 , further comprising installing at least one matching 

12 rule to provide a higher level of system performance for higher classed packets and connections 

13 based on application layer information. Goyal does not disclose installing at least one matching 

14 rule based on application layer information 

15 Applicants respectfully take exception with the equivalencies and teaching of claim 9 and the 

16 alleged installing at least one matching rule (i.e. the Virtual Host QoS program 117inserts the QoS 

17 Table 119 into the OS to be used by the QoS manager 127) (col. 7, lines 60-65) to Goyal. Goyal 

1 8 only installs matching rules on network addresses not any other content like application 

19 information. A review of the cited portion of Goyal (col. 7, lines 60-65) employs a table which 

20 can be matched on network address from the TCP transport layer but that are not matched based 

21 on application layer information. Claim 9 is amended to show that it is based on application layer 

22 information. Thus claim 9 is allowable over the cited art for itself and because it depends on 

23 allowable claim 1 . 

24 11. Referring to claims 10 and 11, Goyal discloses detecting establishment of a new 

25 TCP connection (i.e. request for Address) (col. 1, lines 15-20; col. 6, lines 45-50). 
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1 In response, the applicants respectfully states that they take continued exception with the office 

2 communication equivalencies, and/or teachings of the elements of the claim 1 and the invention of 

3 Goyal with or without Vaid. 

4 The office communication states: 



7 A review shows that Goyal does not disclose detecting establishment of a new connection for the 

8 purpose of service differentiation based on application layer information and providing admission 

9 control and service differentiation based on connection and application level information as in 

10 claim 10. The address Goyal refers to is the network address which is part of the network 

1 1 protocol and not the application protocol. 

12 In response, the applicants respectfully states that they exception with the equivalencies of claims 

13 10 and 11, and the alleged disclosed detecting establishment of a new TCP connection (i.e. 

14 request for Address) (col. 1, lines 15-20; col. 6, lines 45-50) to Goyal. 

15 Goyal col. 1, lines 15-20 reads: 

16 With the popularity and success of the Internet, server technologies are of great 

17 commercial importance today. Typically, a server program executing on a single physical 

18 host computer services client requests made to a single network address allocated to the 

19 host. However, using Transmission Control Protocol (TCP) and other transport protocols, 

20 a server application executing on a single physical host can be programmed to process 

21 requests made to multiple network addresses. Such functionality is known as virtual 

22 hosting. 



23 Goyal col. 6, lines 45-50 reads: 

24 Client computers 111 send requests 1 13 to a plurality of virtual hosts 115 which are 

25 supported by the server 107. All such requests are received by the server application 

26 program 107 and are processed by the child processes 109. For purposes of example, FIG. 

27 1 illustrates three client computers 1 1 1 (client computer 1 1 1 A, client computer 1 1 IB, and 

28 client computer 1 1 1C), each making separate requests 1 13 to a separate virtual host 115. 

29 It is to be understood that more or fewer client computers 111 can make more or fewer 



5 
6 



Goyal discloses detecting establishment of a new TCP connection (i.e. request for 
Address) (col. J, lines J 5-20; col. 6, lines 45-50) 
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1 

2 



requests 1 13 to more or fewer virtual hosts 1 15. It is to be understood that the clients 1 1 1 
are typically remote from the server 107 and physical host computer 101. 



3 A review of the cited portions shows that Goyal does disclose detecting establishment of a new 

4 TCP connection but for the purpose of routing connections to one of multiple virtual hosts on a 

5 single physical system by intercepting system calls not to provide admission control and service 

6 differentiation based on connection and application level information. 



7 Besides, claim 10 was amended to include "and providing admission control and service 

8 differentiation based on connection and application level information." Thus claims 10 and 1 1 are 

9 allowable over Goyal each for itself and because each depends on an allowable claim. 



10 12. Referring to claim 12, Goyal discloses the step of establishing a new TCP 

1 1 connection includes receiving a SYN packet, sending a SYN-A CK packet, deferring 

12 accept, receiving ACK for SYN-ACK and deferring notification of data packet (this is an 

13 inherent feature of the HTTP basic 3-way handshake for Connection synchronization 

14 which can be found in the Transmission Control Protocol DARPA Internet program 

1 5 protocol Specification September 1981 prepared by Information Sciences Institute, USC, 

16 page- SI Figure 7) (col. 6, lines 45-50). 

17 In response, the applicants respectfully states that they take continued exception with the office 

18 communication equivalencies, and/or teachings of the elements of the claim 1 and the invention of 

1 9 Goyal with or without Vaid. 



20 The office communication states: 

21 Goyal discloses the step of establishing a new TCP connection includes receiving a SYN 

22 packet, sending a SYN-ACK packet, deferring accept, receiving ACK for SYN-ACK and 

23 deferring notification of data packet (this is an inherent feature of the HTTP basic 3-way 

24 handshake for Connection synchronization which can be found in the Transmission 

25 Control Protocol DARPA Internet program protocol Specification September 1981 

26 prepared by Informal ion Sciences Institute, I IS( \ page. 31 figure 7) (col. 6, lines 45-50) 

27 In response, applicants respectfully take exception with the teachings of claim 12 and the alleged 

28 HTTP inherentcy and the art to Goyal. Claim 12 reads: 
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1 12. A method as in claim 11, wherein said step of establishing of a new TCP connection 

2 includes for application header based service differentiation: receiving SYN packet; 

3 sending SYN-ACK packet; deferring accept; receiving ACK for SYN-ACK packet; and 

4 deferring notification of data packet. 



5 Goyal (col. 1, line 34) may indeed indicate that the 3-way handshake is an inherent feature of 

6 TCP. But Goyal does not disclose using the 3-way handshake for application header based 

7 service differentiation. Thus claim 12 is allowable over the cited art for itself and because it 

8 ultimately depends on allowable claim 1 . 

9 13. Referring to claim 13, detecting application header delimiters for said data packet 

10 is an inherent feature of Goyal since without this detection step, the system would not 

1 1 know where the header starts and ends. 

12 In response, the applicants respectfully states that they exception with the equivalencies of claim 

13 13 and the alleged HTTP inherentcy and the art to Goyal. Goyal is not referring to application 

14 headers like HTTP in their disclosure, they are referring to transport or network layer headers 

15 which are defined as clear offsets in the TCP/IP protocol. So Goyal does not have to detect 



16 application layer delimiters. Goyal makes no reference about application header delimiters so 

17 Goyal does not need to detect them. Goyal makes claims on the network protocol headers. 

18 Thus claim 13 is allowable over the cited art for itself and because it depends on allowable claim 

19 1. 

20 14. Claims 14, and 18-20, 22, and 23 are rejected for similar reasons as stated above. 

21 In response, the applicants respectfully states that they exception with the equivalencies of Claims 

22 14, and 18-20, 22, and 23 and the art to Goyal and/or Taylor. It is unfortunate that the office 

23 communication does not even attempt to show the art citations regarding Claims 14, and 18-20, 

24 22, and 23 



25 In response, the applicants respectfully states that claim 14 is not taught by the combination. 
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1 A review of Goyal shows that Goyal does not disclose providing service differentiation by parsing 

2 application layer information (e.g. HTTP headers). They are only concerned with network 

3 addresses and Goyal don't disclose any mechanism for an operating system resource for quality of 

4 service or service differentiation. 

5 Goyal does not do providing content aware application header-based service differentiation in a 

6 server which communicates with clients over a network protecting the server against overload by 

7 controlling the amount and rate of work entering the system. 

8 Goyal does not have the provider of admission control and service differentiation based on 

9 connection and application level information. 

10 Goyal does not have the parser since Goyal is not parsing an application tag. 

1 1 Goyal does not have the selector since Goyal does not have a parsed application tag to select on. 

12 Goyal does not have the performer since Goyal makes requests for service differentiation to be 

13 performed by the operating system quality of service manager, and does define the actions of the 

14 quality of service manager as for claim 14. 

15 Furthermore, Goyal doesn't provide service differentiation as a kernel service based on application 

16 level information of Claims 14, and 18-20,22, and 23. Thus Claims 14 is allowable, and claims 

17 18-20,22, and 23 are allowable over the cited art each for itself and because its dependence on an 

18 allowable claim. 

19 Claim 7 is rejected under 35 U.S.C. 103(a) as being unpatentable over Goyal in view of 

20 777 in view of Taylor et al. (USPN 6, 728,885) (hereinafter Taylor) (cited in previous 

21 Office Actions). 

22 The cited art to Taylor, US Patent 6,728,885, filed: October 8, 1999, is entitled: "System and 

23 method for network access control using adaptive proxies ". The Taylor abstract reads: 
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1 "A method, system and computer program for providing multilevel security to a computer 

2 network. The method comprises the step of receiving a first communication packet on at 

3 least one network interface port from an outside network. The method further includes the 

4 steps of filtering the first packet in one of at least two levels of security comprising a first 

5 level of security which examines the content information of the packet and a second level 

6 of security which examines the first packet excluding the content information of the 

7 packet. The system includes a first packet filter configured to filter its input packets by 

8 examining content information of its packets and a second packet filter configured to filter 

9 its input packets by examining the header information without examining the content 

10 information of its packets. The system further includes a third filter which is configured to 

1 1 forward a number of packets to one of the first and second filters, thereby providing 

12 security to the computer network. The computer program includes a first module located 

13 in an application layer, a second module located in a network layer, and a third module 

14 located in a kernel space and configured to examine a number of packets received by the 

15 computer network from at least one outside network and to forward the number of 

16 packets to one of the first and second modules after examining the number of packets". 

17 Thus Taylor is concerned with network access control using adaptive proxies. Taylor is not 

18 concerned with service differentiation as in Claims 14, and 18-20, 22, and 23. 

19 15. Goya I discloses the invention substantively as described in claim 1. Goyal does not 

20 specifically disclose the step of performing service differentiation includes dropping 

21 based on rules that are created to provide better performance to the connections that are 

22 accepted. In analogous art, Taylor discloses another service differentiation system which 

23 includes dropping a connection based on rules that are created to provide better 

24 performance to the connections that are accepted (i.e. all firewall rules inherently 

25 provide better performance to those connections that are accepted since firewall rules 

26 block incoming traffic which will congest the network and thwart attackers from 

27 disabling the network) (col. 6, lines 25-30). It would have been obvious to one of 

28 ordinary skill in the art to combine the teaching of Taylor with Goyal and 777 in order to 

29 achieve requested levels of security while meeting performance constraints as supported 

30 by Taylor (col. 3, lines 20-25). 

3 1 In response, the applicants respectfully state that they take exception with the equivalencies of the 

32 elements of claim 7 and the inventions of Goyal with Taylor. Claim 7 is not made obvious by the 
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1 combination of the inventions of Goyal and Taylor. Taylor is concerned with system security. 

2 Taylor is not concerned with system performance as in the Claim 7. 

3 Taylor is dropping connections in a firewall for system security. All firewall rules do not 

4 inherently provide better performance. The rule might be blocking connections that only establish 

5 connections that don't use further system resources but the rule might miss the one connection 

6 which makes requests that uses 100% of the system resources. No one disclosure has been made 

7 that enables service differentiation based on application layer information. 

8 Furthermore there is not reason to make the combination of Goyal and Taylor, except using 

9 hindsight in an attempt to reconstruct the elements of claim 7. A combination of art may not be 

10 made if not referred to in one of the cited references. Thus claim 7 is allowable over the cited art. 

1 1 Applicants respectfully take exception with the equivalencies of the claimed invention and the 

12 application of inherentcy to Goyal and Taylor The cited portion to Taylor, col. 3, lines 20-25 

13 reads: 

14 Such specification of resource allocation is called a guarantee of quality of service. 
15 

16 A server, which is a process, executing on a dedicated physical host services client 

17 requests for a single network address (physical host) only. Thus, quality of service can 

18 simply be set for the server to the quality of service appropriate for the host. A virtual host 

19 server services numerous client requests for multiple virtual hosts. A single virtual host 

20 server provides host services for a plurality of customers all of whom may require different 

21 quality of service. Although it would be possible to set a single quality of service for the 

22 virtual host server, no single quality of service is appropriate for all of the virtual hosts. 

23 The other cited portion to Taylor, col. 6, lines 25-30 reads: 

24 DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS 

25 

26 System Overview 

27 

28 FIG. 1 presents a high level overview of a system for setting quality of service guarantees 

29 for virtual hosts in accordance with a preferred embodiment of the present invention. A 

30 single, physical host computer 101 contains computer memory 103, conventional 

3 1 processor(s), networking interfaces, and input/output devices (not shown). An operating 
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1 system 105, a virtual host server application program 107, and a plurality of child 

2 processes 109 of the server application program 107 reside in the computer memory 103. 

3 For purposes of example, FIG. 1 illustrates three child processes 109 of the virtual host 

4 server application program 107: a first child process 109A, a second child process 109B, 

5 and a third child process 109C. It is to be understood that more or fewer child processes 

6 109 can reside in the computer memory 103 as desired. 
7 



8 A review of these portions apparently shows that Taylor [and Goyal] do not disclose or make 

9 obvious any actions from an operating system resource that provide quality of service or service 

10 differentiation for an application. Goyal relies on resources provided by the operating system to 

1 1 provide quality of service or service differentiation and does not specify any actions as stated in 

12 claim 6 or claim 7. Taylor discloses a single action dropping for purpose of security via a firewall 

13 with no mention of performance gain. Dropping has an indirect benefit of performance 

14 improvement only if the administrator properly sets the dropping rule for performance and not 

15 just security. There is no indication in the referenced art of an administrator setting performance 

16 based rules. Thus claim 7 is allowable over the cited art for itself and because it depends on 

17 allowable claim 1. 

1 8 Response to Arguments 

19 16. Applicants arguments filed October 10, 2005 have been fully considered but they are 

20 moot in view of the new grounds of rejection. 

21 In response, the applicants respectfully states that the office communication fails to respond to the 

22 many particular remarks made previously, particularly in regard to dependent claims which are 

23 rejected to Goyal alone. This is believed to be a requirement. 

24 Applicants have further modified the claims in the present application in accordance with 

25 understanding made in a telephone conversation with the Examiner, on February 26, 07. 

26 Applicants show their appreciation for the suggestions made. It is believed that all claims not 

27 withdrawn are certainly now allowable. 
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1 It is anticipated that the present amendment brings to allowance of all claims 1-23 not withdrawn. In the 

2 event that any questions remain, please contact the undersigned before issuing a FINAL rejection. 

3 Please charge any fee necessary to enter this paper to deposit account 50-05 10. 

4 Respectfully submitted, 



5 By: /Louis Herzberg/ 

6 Dr. Louis P. Herzberg 

7 Reg. No. 41,500 

8 Voice Tel. (845) 352-3194 

9 Fax. (845)352-3194 



10 3 Cloverdale Lane 

11 Monsey, NY 10952 

12 Customer Number: 54856 
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